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(54) Protection system against unauthorised use of a mobile telephone 



(57) A mobile terminal 100 for a wireless communi- 
cation system and a software product are provided com- 
prising a protection against unauthorised use of one or 
more functions of the mobile terminal during use, with 
the mobile terminal being able to display a number of 
access codes 402 on the display 1 01 of the mobile ter- 
minal, to verify an access code 401 selected by a user 
from the number of access codes , and to grant access 
to the respective function if a correct access code is se- 
lected. 
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Description 

[0001 ] The present invention is related to a protection 
mechanism for preventing unauthorised access to the 
functions of a mobiie terminal for a wireless communi- s 
cation system, in particular for preventing unauthorised 
access to the functions of a mobile telephone being in 
an operational mode. 

[0002] In present day cellular telecommunication sys- 
tems, a subscriber is issued a SIM (Subscriber identifi- 10 
cation Module) card containing data for identifying the 
subscriber and for checking the user rights of the sub- 
scriber each time he or she uses the services of the sys- 
tem. With the SIM card a subscriber can use any mobile 
terminal that is operable in the telecommunication sys- 15 
tern. As a protective measure, a user has to enter a Per- 
sonal Identification Number (PIN) prior to getting access 
to the functions of his mobile terminal. A mobile terminal 
can e.g. be a PDA (Personal Digital Assistant) a cellular 
mobile radiophone or the like for use in a wireless tele- 20 
communication system, e.g. the GSM or UMTS sys- 
tems. 

[0003] In the context of this application, the term PIN 
is either used as a synonym for the PIN kept on the SIM 
or as a synonym for a PIN stored in a memory of the 25 
mobile terminal. When a PIN is entered incorrectly for a 
certain number of times, access 0 the mobile terminal 
is usually blocked, until a correct Personal Unlock Key 
(PUK) or a Personal Unblocking Key is entered to set 
or reset personal access conditions. As distinct from the 30 
Personal Unblocking Key, the Personal Unlock Key 
(PUK) is not stored on the SIM but in a memory of the 
mobile terminal. 

[0004] Being prompted for the PIN is normal when 
switching on a mobile phone. A correct PIN entered is 35 
a pre-condition that a mobile terminal enters its opera- 
tional state. Only then calls can be received. An opera- 
tional state or mode in this context includes the idle as 
well as the busy mode of the phone. Mobile terminals 
representing a combination of two or more devices in 40 
one unit may require a user authorisation by entering a 
PIN only for accessing certain sub-units. In the case of 
e.g. a PDA combined with a mobile phone, a user might 
be allowed to the PDA section without further prove of 
his identity, while the mobile phone sub-unit will only be 45 
accessible after entering a correct PIN. But in any case, 
once a mobile terminal is operational, any user is able 
to access all functions provided by the phone without 
further authorisation. 

[0005] As a consequence, even a malicious subject 50 
getting hold of an unattended mobile terminal in opera- 
tional mode has to date full access to all of its functions. 
Hereby, the culprit can for one accumulate a lot of charg- 
es by using the services available from the mobile tele- 
communication system in which the mobile terminal is 55 
currently registered, especially when the phone has 
been stolen in a foreign country and roaming fees are 
charged. On the other hand, he might further misuse 



personal information stored on the mobile terminal to the 
detriment of its legal owner. 

[0006] The damage caused in the latter case be- 
comes increasingly important as nowadays mobile ter- 
minals have a lot of personal information ready for a us- 
er, e.g. schedules, phone numbers, and memos, which 
usually disclose a lot of valuable information about the 
owner thus making him vulnerable. This personal infor- 
mation should therefore not be available to other per- 
sons than the owner of a phone. 
[0007] To provide a protection mechanism for mobile 
phones in operational mode, EP 0 796 023 A2 proposes 
a setting of a time limit, after which the operation of the 
mobile telephone will be blocked, hereby setting a 
vague limit for unauthorised use. A misuse of the phone 
is still possible until the elapsed-time meter reaches the 
set limit, and until this moment, a culprit will be able to 
use the mobile terminal for his own purpose and to fur- 
ther spy out personal data stored on the phone. 
[0008] According to the system disclosed in US 6 016 
349, data that unequivocally identify the owner of the 
cellular phone are sent to a decryption and identification 
station when requesting services from a telecommuni- 
cation system. The identifying data themselves are 
stored on a plug-in card, which the user has to insert in 
the phone each time he wants to use it. Alternatively the 
identifying data are stored in the mobile terminal and a 
means for the legal identification of the owner of the mo- 
bile terminal is activated by entering a secret code. 
When the transmission of the identifying data is not 
blocked by removing of the plug-in card from the mobile 
phone, or in another embodiment by deactivating the le- 
gal identification means, an illicit usage of the phone is 
not obstructed. 

[0009] EP 0 993 167 A1 proposes an automatic 
switching of a mobile terminal into a security mode as 
soon as an end of a communication is detected. In this 
security mode no transmission of user information is 
possible, but a transmission of information specific to 
the mobile terminal is maintained. To exit the security 
mode and to get back to the phones nominal operation, 
a user has to enter a predetermined code. A malicious 
subject that gained control of the phone can make no 
calls from it, but is still allowed to access personal infor- 
mation stored on the phone. In addition, a user has to 
memorise a further code, which he is obliged to enter 
each time he wants to make a call. 
[001 0] It is therefore an object of the present invention 
to prevent unauthorised access but provide quick and 
easy way of authorisation for providing access to func- 
tions provided by a mobile terminal being in an opera- 
tional state. 

[0011] This object is achieved by a mobile terminal for 
a wireless communication system, providing a protec- 
tion against unauthorised use of one or more functions 
of the mobile terminal during use, with an access control 
means for controlling the access to the one or more 
functions on the basis of access codes, a display means 
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for displaying a number of access codes when one of 
the one or more functions is chosen, and a selecting 
means for selecting an access code from the number of 
displayed access codes, whereby the access control 
means grants access to the chosen function if a correct s 
access code is selected. 

[0012] Further, this object is achieved by a software 
product for providing a protection against unauthorised 
use of one or more functions provided by a mobile ter- 
minal for a wireless communication system during use, 10 
whereby the software product is, when being loaded in 
a memory of the mobile terminal able to perform the fol- 
lowing program steps: displaying a number of access 
codes on the display of the mobile terminal, verifying an 
access code selected by a user from the number of ac- 15 
cess codes, and granting access to the respective func- 
tion if a correct code is selected. 
[0013] The proposed system of granting access to 
functions of a mobile terminal on the basis of a user se- 
lecting a correct access code from a number of access 20 
codes presented to him, allows the user to access the 
desired functions quickly, but still prevents a misuse of 
the phone by a malicious subject. Hereby it is especially 
convenient for a user, that no additional codes have to 
be memorised, a difficulty which many people fail to 25 
cope with. The only thing requested is to recognise the 
correct code within the number of codes presented, a 
task normally mastered by anyone. 
[0014] Further advantageous features are claimed in 
the respective subclaims. 30 
[0015] Preferably the access code to be selected is a ■ 
graphical element, which is very easy to recognise. For 
increased security the access code can advantageously 
also be formed of a combination of alphanumeric ele- 
ments. 35 
[001 6] Upon selecting a wrong access code for a first 
time, the mobile terminal is advantageously blocked un- 
til a Personal Identity Number or the like is entered, so 
that trying out different access codes subsequently by 
a malicious subject is prevented. To further increase the 40 
level of security, a Personal Unlock Key or the like has 
advantageously to be entered upon selecting a wrong 
access code for a second time. 
[0017] Preferably it can be selected which functions 
are to require authorisation for being accessed. 45 
[0018] Further advantageously separate access 
codes for different users to one function can be as- 
signed, allowing full customisability of the protection 
mechanism. 

[001 9] Upon detection of a replaced Subscriber Iden- so 
tity Module or the like the access to each protected func- 
tion is blocked until a Personal Unlock Key or the like is 
entered and the respective correct access code is se- 
lected. By this, all the protected information is hidden 
from the new user as long as he is not in the knowledge ss 
of the correct access codes. 

[0020] Preferably the protection mechanism is auto- 
matically activated upon a defined operation condition 



of the cellular mobile telephone, whereby advanta- 
geously the operation condition is defined as a prede- 
termined period of time for which no key entries are 
made by the user and/or the mobile telephone is being 
connected to a charging device and/or if the mobile ter- 
minal is connected to a hands free kit of a car, the op- 
eration condition is defined as the ignition of the car be- 
ing switched off for a predetermined period of time, so 
that a user doesn't have to care about the security of his 
mobile terminal at any time. 

[0021 ] To be sure that the phone operates in protected 
mode, a user can advantageously activate the protec- 
tion mechanism at his own by pressing a predefined key 
or key-sequence or by executing a special menu com- 
mand or by activating the key-lock of the phone. 
[0022] For improved tamper-resistance the mobile 
terminal is further advantageously turned off completely 
upon a wrong access code being selected three times 
in a row. 

[0023] In the following description, particular embod- 
iments of the present invention are explained in more 
detail in relation to the enclosed drawings, in which 

Fig. 1 shows a schematic representation of a mobile 
terminal according to the present invention with a 
number of access codes presented in the display, 

Fig. 2 is a flow chart representation of an access 
scheme according to a particular embodiment of the 
present invention, 

Fig. 3 is a block diagram showing the means of the 
mobile terminal according to the present invention, * 

Fig. 4a shows an enlarged view of the display of the 
mobile telephone with a first example of displayed 
access codes, 

Fig. 4b shows an enlarged view of the display of the 
mobile telephone with a second example of dis- 
played access codes, and 

Fig. 4c shows an enlarged view of the display of the 
mobile telephone with a third example of displayed 
access codes. 

[0024] In the drawings like elements are assigned 
identical reference numerals. 

[0025] Fig. 1 shows a graphical representation of a 
mobile terminal 1 00 according to the present invention. 
The mobile terminal 1 00 comprises a display 1 01 for dis- 
playing information to the user, a number of keys 102 
forming a key pad unit 103, and scroll means 1 04. The 
scroll means (jog dial) is a rotational key, which can be 
turned clockwise or counterclockwise to scroll through 
the displayed access codes and to select one of them 
or a key which allows a scrolling through the access 
codes and the selection of one of them by pressing dif- 
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ferent positions on the surface of the key. To prevent 
unintended pressing of keys 102, in a special embodi- 
ment of the present invention a flap 105 which covers 
the front face of the mobile terminal in its closed position 
is connected to the main body of the phone. 
[0026] When a user switches on his mobile terminal 
100, an information is displayed on the display 101 re- 
questing the user to enter his Personal Identification 
Number (PIN), which is stored on the SIM. After the user 
entered the correct PIN with the keys 102 of key pad 
103, the mobile terminal switches into the operational 
mode. In this state, a user can start to look for the de- 
sired function provided by the mobile telephone like e. 
g. the scheduler, the phone book, the message box, the 
memo facility or the ringer. Usually not all functions pro- 
vided by the mobile terminal bear a potential for being 
misused to the detriment of the owner. Therefore, only 
some of the available functions will be selected by him 
for being protected according to the present invention. 
Upon selecting one of the protected functions, a number 
of access codes 402 is presented to the user on the dis- 
play from which he has to select the correct one for fi- 
nally getting access to the protected function chosen. 
When the user selects the wrong access code 401 , he 
will be denied access to that function. Thus, somebody 
who does not know the correct access code has only a 
very small chance of picking the right code so that most 
probably a non-authorised person will not be able to mis- 
use one of the functions. The relative security increases 
with the number of access codes presented for selection 
on the display of the mobile phone. To support a quick 
capture of the correct access codes by a user, the ac- 
cess codes are typically realised in the form of graphical 
elements, particularly as icons. 
[0027] For a start, the icons can be proposed by the 
mobile phone. A user further has the possibility to down- 
load new icons via SMS or Internet from an icon provider 
service or even create icons on his own at one of those 
services, and thereby enlarge and individualise to his 
own taste the set of icons available on his mobile phone. 
Moreover, a user can create new icons on his own using 
means on his mobile terminal or an a different comput- 
ing device. Icons can be transferred between a mobile 
terminal and another device as well as between two mo- 
bile terminals employing known means as e.g. a serial 
cable, a wireless connection or an exchangeable mem- 
ory device or the like. 

[0028] Alternatively to using icons, the access code 
may also be represented by an alphanumeric code be- 
ing a combination of numbers and/or letters and/or spe- 
cial characters. Alphanumeric access codes provide a 
higher level of security compared to graphical elements, 
because it is impossible to establish an association be- 
tween a special function and this kind of abstract code 
like it might e.g. be possible with icons. 
[0029] To make sure that the access code can be se- 
lected in very short time, advantageously the number of 
access codes which are presented to the user each time 



he tries to access a protected function may not exceed 
5 to 20 symbols. The correct symbol can be selected 
very easily with a scroll means 104 allowing an easy 
navigation through the arrangement of access codes on 
5 the display. 

[0030] Further advantageously, the number of access 
codes are presented to the user of the mobile terminal 
automatically each time he tries to access one of the 
protected functions. 
10 [0031] Although the described method for entering a 
password provides a quick way with practically no delay 
in accessing a desired function, the level of security pro- 
vided herein is not comparable to the level of security 
given by e.g. the method of manually entering a Person- 
's al Identification Number each time when a password is 
required. In a special embodiment of the present inven- 
tion care is taken therefore, that nobody tampering with 
a mobile terminal can try different access codes until he 
finally gets access to one of the protected functions. This 
20 is illustrated in Fig. 2 , a flow chart showing the opera- 
tional sequence of the protection mechanism according 
to this particular embodiment of the present invention. 
The mobile terminal is turned on in step S2. The access 
codes monitored in particular are the Personal Identifi- 
es cation Number (PIN), the Personal Unlock Key (PUK), 
and the access code 401 according to the present in- 
vention (icon). In the normal case a user is requested to 
enter his PIN S3 first, and can then select the function 
of his choice guided by the menu presented on the dis- 
30 play of the mobile terminal in step S4. Next, the number 
of access codes is presented to the user on the display 
S5 from which he selects the correct one S6 for getting 
access. The system checks if the entered access code 
is correct S7, and if so re-sets the icon counter S8 to the 
35 initial value and enters the desired function S9 subse- 
quently. 

[0032] If the PIN entered in step S3 cannot be verified 
in step S31, the PIN-counter is incremented by one in 
step S32. In step S33 it is checked if the number of 

40 wrongly entered PINs has reached a certain value N, 
which is usually set to N=2. If not, the user is requested 
to re-enter the PIN again. If the limit N is already 
reached, the system proceeds to step S34 where the 
user is requested to enter the PUK which is checked for 

45 correctness in step S35 and if entered incorrect the 
PUK-counter is incremented by one is step S36. In step 
S37 it is queried how often the PUK has been entered 
wrongly, and if this has been done M times the mobile 
terminal will be turned off in step S1 . M usually has a 

so value of 1 or 2. If the PUK counter shows a value below 
M the user is requested to enter the PUK a further time. 
On entering a correct PUK this time, the system will pro- 
ceed with checking if the number of wrongly entered ac- 
cess codes 401 in step 40 is zero or not. 

55 [0033] If no wrong access code has been entered pre- 
viously, the icon counter shows a value of zero. The que- 
ry of step S40 in this case switches to step 41 where the 
PIN-counter and the PUK-counter are re-set to the initial 
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values of zero. Then the user can select the desired 
function in step S4 upon which he is being displayed the 
number of access codes in step S5 from which he se- 
lects one in step S6, and, assumed that this time the 
user selects the wrong one which will be detected in step 
S7, the icon counter will be incremented by one in step 
S71 , and subsequently the number of wrong selections 
of an access code by the user will be checked by a query 
in step S72. If the user selected the wrong code for the 
first time, he will be referred back to step S3, or in other 
words he has to enter the PIN again. If the wrong code 
was selected for a second time, the user is requested 
to enter the PUK again in step S34 after which, assumed 
the PUK has been verified correctly in step S35, the user 
can for a third time select an access code from the prer 
sented number of access codes in step S6. If a wrong 
code is selected for a third time, the mobile terminal is 
immediately switched off in step S1 . 
[0034] The means providing in their interaction the 
protection mechanism described above are shown in 
the block diagram of Fig. 3. It is to be noted that only 
features relevant for the understanding of the present 
invention are shown. All means communicate with each 
other either directly or via a databus 305. The control 
unit 303 controls the central functions of the mobile ter- 
minal 100. The access control 300 provides the func- 
tionality according to which the access to a selected 
function of the cellular mobile terminal is only granted 
upon selection of a correct access code from a number 
of access codes displayed on the display means 101 . 
[0035] According to a particular advantageous em- 
bodiment of the present invention, the access control 
300 further provides a functionality to enter and store 
user profiles. A user profile typically comprises informa- 
tion about the user identity, the protected function or 
functions, the access code or codes 401 to those func- 
tions, the SIM-identity, and optionally a users PIN and/ 
or PUK codes. Depending on the actual embodiment of 
the present invention not all those information have to 
be present in a user profile. 

[0036] Two separate means are provided for selecting 
a special access code from a number of access codes 
presented on the display 101 , a jog dial 104 and a key 
pad 103. The jog dial allows a fast and easy navigation 
through the number of access codes, especially when 
only one finger can be used. Additionally or alternatively 
also selected keys 102 from the key pad 103 can be 
used instead. 

[0037] By pressing a pre-defined sequence of keys, 
like e.g. the sequence used to block the key pad, the 
protection mechanism provided by the access control 
300 can be activated and/or deactivated manually by the 
user. In a special embodiment of the present invention, 
the protection mechanism is not active constantly, but 
only when certain conditions are met. To check the oc- 
currence of a condition, the detection means 304 mon- 
itors the functions of the mobile terminal 1 00. One of the 
conditions is, that no key entries have been made for a 



predetermined time, so that a busy user can hop from 
function to function without being required to enter an 
access code but as soon as he seized to use the phone 
for a pre-set time, the detection means 304 will notice 
5 that, and activate the access control 300 thus enforcing 
the protection mechanism. The detection means will fur- 
ther activate the access control on noticing that the mo- 
bile terminal has been connected to a charger. In case 
the mobile terminal is connected to a hands-free set in 
10 a car the detection means will check if the ignition of the 
car is switched on or off. If the ignition has been switched 
off for a certain period of time, the access control 300 
will be activated by the detection means 304. 
[0038] The detection means 304 further checks if 
is keys have been pressed in a certain sequence like de- 
scribed above, or if a key-lock has been activated. The 
detection means 304 will also activate the access con- 
trol 300 upon the occasion that a user selects a special 
menu point. Especially advantageous, the protection 
mechanism is activated by the detection means upon 
detecting a flap 1 05 of the mobile terminal flipped to its 
closed position. In addition, the access control may be 
activated with a pre-defined time delay after one or more 
of the above described conditions were met. 
[0039] The function access control 301 provides the 
userwith a means for selecting functions to be protected 
by the access control 300. Functions not selected for 
protection can be accessed by anyone, therefore these 
function bear no critical personal information and have 
no potential for that a misuse creates a financial disas- 
ter. A user can enable and/or disable access codes for 
functions in a separate menu. As a protective measure 
against unauthorised modifications of those security 
settings, a second security code like e.g. the PUK may 
be requested to confirm changes. 
[0040] Although a user has the possibility to choose 
which functions are to be protected by the access con- 
trol, especially the following functions of a mobile termi- 
nal are suggested for being protected by the function 
access control 301 : the organiser, the phone book, the 
memo block and the reading of stored SMS/e-mails be- 
cause they contain a lot of personal information about 
the user. But also stored WAP pages and Java programs 
are included in the suggestion. Particularly the starting 
of a phone call is a function suggested for protection, 
because a culprit can create a lot of cost particularly by 
calling up certain phone numbers. To keep privacy, also 
accepting a phone call is suggested to be included in 
the protection mechanism. 

[0041] The counting means 302 counts the number of 
incorrect selected access codes and incorrect entered 
PIN and PUK. It realises the access control scheme ac- 
cording to Fig. 2 in co-operation with access control 300. 
[0042] According to a further embodiment of the 
present invention, different users sharing the same 
phone with the same SIM can have different passwords 
for accessing one and the same function. In this case, 
after the phone has been turned on and the PIN has 
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been entered correctly, the current user of the phone is 
at first asked to identify himself, which he will do by se- 
lecting an access code from a number of assorted ac- 
cess codes especially made up for a user-logon. This 
identification mechanism is technically identical to the 
above described authorisation mechanism for access- 
ing a protected function. When a user selected his spe- 
cial icon, his special subset number of access codes for 
accessing protected functions and/or his user profile will 
be used further on. If a user selected an icon which was 
not assigned to any user, the system will proceed like in 
the case of a falsely selected access code upon access- 
ing a protected function. 

[0043] The assignment of an access code can be 
done similar to the assignment of a PIN. Such methods 
are well known and therefore not further discussed here. 
[0044] When the SIM card of the mobile terminal has 
been exchanged, very likely a different user takes over 
the mobile telephone. All the information regarding the 
protection of personal information and functions of the 
mobile terminal are then hidden from the new user so 
that he will be unable to retrieve some of the protected 
information. Sometimes the same userchangesthe SIM 
because he lost his old SIM card or because his contract 
with an operator of a radiotelephone network expired or 
because of any other reason. Then it has to be made 
sure, that the user can restore his access to the protect- 
ed functions on the phone. For this purpose a user is 
required to enter the Personal Unlock Key directly fol- 
lowed by the access code. For convenience, the user is 
enabled to transfer his user profile to the identity of a 
different SIM card after entering the relevant security 
codes. 

[0045] Distinct possibilities of arranging the number 
of access codes on the display of the mobile terminal 
are shown in Fig. 4a to Fig. 4c. According to a preferred 
embodiment of the present invention a user can choose 
which form of displaying the access codes he wants to 
use. In the example of Fig. 4a, the access codes are 
displayed according to a method described in EP 1 028 
570 A1 . According to this method at least some of the 
available access codes 401 are displayed on the display 
means 101 such that the currently selected access code 
401 is displayed enlarged, which means that the other 
displayed access codes are shown in a relative smaller 
size. The display 1 01 . of the mobile telephone is prefer- 
ably a graphical display, which has a much higher res- 
olution then a usual text or character display, and allows 
a visually attractive display of smoothly rotating access 
codes. The display illustrated in Fig. 4a shows 8 icons 
on 8 different positions, all lined up in a circular arrange- 
ment. Preferably, the name of the protected function to 
be accessed is displayed as a text information just below 
the access codes. In the example of Fig. 4a the respec- 
tive function is "Message". The size of the access code 
just above this text information is displayed enlarged 
compared to the other displayed icons. This means, that 
this access code can now be selected by pressing the 



jog dial 104. The circular arrangement of the icons is 
accompanied by a change of the size of each icon, 
whereby the size of an icon is smaller for icons closer 
to the top of the display. With the help of the jog dial, a 
5 user can rotate the arrangement of icons either clock- 
wise or counter-clockwise, whereby the icon ready for 
selection is always the biggest one near the bottom of 
the display. A circular arrangement in combination with 
a variation of the size of the icons as shown in Fig. 4a 
results in a 3-dimensional impression of the arrange- 
ment of access codes, emphasising the currently select- 
ed. 

[0046] Fig. 4b shows an alternative grid-like arrange- 
ment of access codes on the display. All icons and/or 
other kinds of access codes have the same size with the 
currently selected access codes displayed in an inverse 
or highlighted presentation. A user can navigate through 
the icons by using certain keys of the key pad 1 03 or by 
help of the jog dial with which he can change the current 
position according to the direction indicated by the ar- 
rows printed on the jog dial. If the number of access 
codes 402 presented by the access control exceeds the 
number of icons that can be displayed on the graphical 
display 101 , a scroll bar 403 will appear to inform the 
user that more icons than currently shown are available 
for the selection. 

[0047] Fig. 4c shows a further alternative arrange- 
ment of access codes on the display of the mobile 
phone. Hereby all icons are lined up either vertically or 
horizontally and the scroll bar located on the opposite 
side of the display than the icons indicates by arrows 
that more access codes are available when scrolling in 
the direction of the arrows. When the topmost or bot- 
tommost icon of a list is shown on the display, the re- 
spective arrow will vanish. 

[0048] While the principles of the invention have been 
described with reference to specific embodiments, this 
description is not meant to be construed in a limiting 
sense. Various modifications of the disclosed embodi- 
ments as well as other embodiments of the invention will 
be apparent to persons skilled in the art upon reference 
to this description. As an example, a request for a PIN 
entry may be omitted or the number of retries will be 
varied. Further, additional security codes might be intro- 
duced to the concept and/or the number of allowed us- 
ers may be restricted. Also the introduction of a special 
user with extra rights for controlling the access mecha- 
nism will be one of the modifications within the scope of 
the present invention. In addition, any variation in the 
access scheme as illustrated in Fig. 2 like e.g. a chang- 
ing of the sequence of the process steps, omitting ex- 
isting steps and/or adding new steps does not depart 
from the principles of the present invention. 



1 . A mobile terminal (1 00) for a wireless communica- 
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tion system, providing a protection against unau- 
thorised use of one or more functions of said mobile 
terminal during use, with 

an access control means (300) for controlling the 
access to said one or more functions on the basis 
of access codes 

a display means (101) for displaying a number of 
access codes (402) when one of said one or more 
functions is chosen, and 

a selecting means (104, 103) for selecting an ac- 
cess code (401) from said number of displayed ac- 
cess codes (402), whereby said access control 
means (300) grants access to said chosen function 
if a correct access code is selected. 

2. A mobile terminal according to claim 1 , 
characterised in 

that said access code comprise graphical elements 
and/or alphanumeric elements. 

3. A mobile terminal according to claim 1 or 2, 
characterised in 

that upon selecting a wrong access code for a first 
time, said access control means blocks said mobile 
terminal until a Personal Identity Number or the like 
is entered. 

4. A mobile terminal according to claim 3, 
characterised in 

that upon selecting a wrong access code for a sec- 
ond time, said access control means blocks said 
mobile terminal until a Personal Unlock Key or the 
like is entered. 

5. A mobile terminal according to any of the preceding 
claims, 

characterised by 

a function access control means (301) allowing a 
user to protect selected functions of said mobile ter- 
minal on the basis of access codes. 

6. A mobile terminal according to claim 5, 
characterised in 

that said function access control means allows to 
assign access codes for different users to one func- 
tion. 

7. A mobile terminal according to any of the preceding 
claims, 

characterised in 

that upon detection of a replaced Subscriber Iden- 
tity Module or the like said access control means 
blocks access to each protected function until a Per- 
sonal Unlock Key or the like is entered and the re- 
spective correct access code is selected. 

8. A mobile terminal according to any of the preceding 
claims, 



characterised by 

a detection means (304) for detecting an operation 
condition of said cellular mobiletelephone, whereby 
said access control means automatically enforces 
5 protection against further use of said protected 
functions depending on said detected operation 
condition. 

9. A mobile terminal according to claim 8, 
10 characterised in 

that said operation condition is defined as a prede- 
termined period of time during which no key entries 
are made and/or said operation condition is defined 
as said mobile terminal being connected to a charg- 
es ing device and/or if said mobile terminal is connect- 
ed to a hands free kit of a car said operation condi- 
tion is defined as the ignition of said car being 
switched off for a predetermined period of time. 

20 10. A mobile terminal according to any of the preceding 
claims, 

characterised in 

that said access control means is activated upon 
user action, e.g. activation of a key-lock. 

25 

1 1 . A mobile terminal according to any of the preceding 
claims, 

characterised in 

that said access control means turns off said mobile 
30 terminal completely upon a wrong access code be- 
ing selected three times in a row. 

12. Software product for providing a protection against 
unauthorised use of one ormore functions provided 

35 by a mobile terminal for a wireless communication 
system during use, said software product when be- 
ing loaded in a memory of said mobile terminal be- 
ing able to perform the following program steps : 

40 displaying (S5) a number of access codes (402) 

on the display (101) of said mobile terminal 
(100), 

verifying (S7) an access code (401 ) selected by 
a user from said number of access codes 402, 
« and 

granting access (S9) to said respective function 
if a correct access code is selected. 

13. A software product according to claim 12, 
so characterised in 

that said access code comprise graphical elements 
and/or alphanumeric elements. 

14. A software product according to claim 12 or 13, 
55 characterised by 

program steps (S72) for blocking said mobile termi- 
nal upon selection of a wrong access code for a first 
time until a Personal Identification Number or the 
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like is entered. 

15. A software product according to claim 14, 
characterised by 

program steps (S72) for blocking said mobile termi- 
nal upon selection of a wrong access code for a sec- 
ond time until a Personal Unlock Key or the like is 
entered. 



program steps (S72) for turning off said mobile ter- 
minal completely upon a wrong access code being 
selected three times In a row. 



16. A software product according to one of the claims 
12 to 15, 

characterised by 

program steps allowing a user to protect selected 
functions of said mobile terminal on the basis of ac- 
cess codes. 



w 



15 



17. A software product according to claim 16, 
characterised by 

program steps allowing to assign access codes for 
different users to one function. 



20 



18. A software product according to one of the claims 
12 to 17, 

characterised by 

program steps for blocking access to each protect- 
ed function after an exchange of a Subscriber Iden- 
tity Module or the like until a Personal Unlock Key 
is entered and the respective correct access code 
is selected. 

19. A software product according to one of the claims 
12 to 18, 

characterised by 

program steps for automatically enforcing protec- 
tion against further use of said protected functions 
upon a detected operation condition. 

20. A software product according to claim 19, 
characterised in 

that said operation condition is defined as a prede- 
termined period of time during which no key entries 
are made and/or said operation condition is said 
mobile terminal being connected to a charging de- 
vice and/or said operation condition is the ignition 
of a car being switched off for a predetermined pe- 
riod of time if said mobile terminal is connected to 
a hands free kit of said car. 



25 



30 



35 



40 



45 



21. A software product according to any of the claims 
12 to 20, 

characterised by 

program steps for activating said protection of pro- 
tected functions upon user action, e.g. activation of 
a key-lock. 

22. A software product according to one of the claims 
12 to 21 

characterised by 
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